Blockchain Lender Confirms Major Customer Data Breach

Publicly traded blockchain lender Figure Technology has confirmed a significant customer data breach following a targeted social engineering attack on one of its employees.

The company revealed that hackers manipulated internal access controls by deceiving a staff member, ultimately gaining entry to sensitive customer files. Unlike typical cyber intrusions involving software vulnerabilities, this incident highlights how human-targeted tactics remain one of the most effective methods for breaching even advanced financial platforms.

According to the company, personal information belonging to customers may have been exposed, including names, addresses, dates of birth, and phone numbers. While Figure emphasized that it acted quickly to contain the breach, the scale of the incident has raised concerns about security practices within crypto lending platforms and the broader fintech sector.

The breach comes at a time when blockchain-based financial services are rapidly expanding, making them increasingly attractive targets for cybercriminals seeking access to valuable personal data.

The cybercriminal group ShinyHunters has publicly claimed responsibility for the attack, stating that it stole and released approximately 2.5GB of internal data. The group allegedly published portions of the stolen information online, intensifying fears among customers about potential identity theft and financial fraud.

Security researchers analyzing the leaked material suggest that the exposed data could enable attackers to conduct follow-up scams, including phishing campaigns and account takeovers. As news of the breach spread, customers and industry observers began scrutinizing how such a large volume of information could be accessed through a single compromised employee account.

Publicly Traded Blockchain Lender Figure Confirms Customer Data Breachhttps://t.co/ZT52M5PaD2

— Decrypt (@DecryptMedia) February 14, 2026

The emergence of ShinyHunters in this incident is particularly notable, as the group has previously been associated with high-profile data breaches across multiple industries. Their involvement suggests a level of organization and planning that goes beyond opportunistic hacking attempts.

Investigations indicate that the breach was not caused by a flaw in the company’s codebase or blockchain infrastructure. Instead, attackers used social engineering tactics to manipulate an employee into granting access. By impersonating trusted contacts or exploiting internal communication channels, hackers were able to bypass technical defenses and obtain sensitive credentials.

This type of attack underscores a harsh reality within cybersecurity: human error often remains the weakest link. Even organizations with strong encryption, secure networks, and advanced monitoring tools can be compromised if attackers successfully exploit trust and psychological vulnerabilities.

Experts say social engineering attacks continue to succeed because they rely on deception rather than technical complexity. Cybercriminals invest significant time researching targets, crafting convincing messages, and exploiting moments of distraction or urgency. In fast-paced financial companies where employees handle sensitive information daily, a single mistake can have far-reaching consequences.

The breach may also be linked to companies using single sign-on authentication systems such as Okta, though investigations are still ongoing. Security analysts have noted that attackers sometimes target SSO platforms because they provide access to multiple internal systems through a single compromised account.

If the breach involved SSO infrastructure, it could explain how hackers were able to move laterally within internal systems and access large volumes of customer data. However, Figure has not confirmed any direct vulnerabilities within Okta itself, emphasizing that the root cause remains the social engineering attack on an employee.

The potential SSO connection highlights the need for multi-layered security measures. While centralized login systems offer convenience and efficiency, they also create high-value targets for cybercriminals seeking broad system access.

Following the breach, Figure announced several immediate actions to mitigate damage and protect affected customers. The company stated that it has blocked unauthorized access, initiated a comprehensive forensic investigation with external cybersecurity experts, and begun notifying individuals whose data may have been exposed.

In addition, Figure is offering free credit monitoring services to impacted users. This measure aims to help customers detect suspicious financial activity early and reduce the risk of identity theft. The company also emphasized that the breach was limited to customer data and did not compromise core blockchain systems or smart contract functionality.

Executives stressed that transparency and swift response were priorities, noting that internal teams are reviewing policies and implementing additional safeguards to prevent similar incidents in the future. These measures may include enhanced employee training, stricter authentication protocols, and improved monitoring for unusual login activity..

Despite these efforts, industry observers note that rebuilding customer trust may take time, particularly given the sensitive nature of the exposed information.

The Figure breach serves as a stark reminder that the rapid growth of blockchain finance brings new security challenges alongside innovation. As crypto lenders and fintech platforms handle increasingly large volumes of personal and financial data, they become prime targets for organized cybercrime groups.

Experts argue that the incident reinforces the importance of comprehensive cybersecurity strategies that go beyond technical defenses. Regular employee training, simulated phishing exercises, and strict access controls are becoming essential components of modern risk management.

The broader crypto industry has faced several high-profile breaches in recent years, but this case stands out because it demonstrates how attackers can bypass sophisticated technology simply by targeting people. While blockchain infrastructure itself remains secure, peripheral systems such as customer databases and internal communication tools continue to present vulnerabilities.

For customers affected by the breach, the immediate concern lies in protecting their identities and monitoring accounts for unusual activity. For companies operating in the digital asset space, the incident highlights the urgent need to invest in both human and technological defenses.

Ultimately, the Figure data breach underscores a growing reality: cybersecurity is no longer solely a technical issue, it is a human one. As attackers refine their social engineering tactics, organizations must adapt by strengthening awareness, improving internal processes, and fostering a culture of vigilance.

The crypto sector’s future depends not only on innovation but also on its ability to protect users from evolving threats. This latest breach may serve as a wake-up call, pushing companies to prioritize security at every level and reminding customers to remain cautious in an increasingly interconnected digital financial world.

Disclosure: This is not trading or investment advice. Always do your research before buying any cryptocurrency or investing in any services.

Follow us on Twitter @themerklehash to stay updated with the latest Crypto, NFT, AI, Cybersecurity, and Metaverse news!

The post Blockchain Lender Confirms Major Customer Data Breach appeared first on The Merkle News.